Inhalte aufrufen

  • Mitglieder
  • Marketplace
  • Blogs
Profilbild

WebAPI - Permission Problem

Eröffnet von Fred Jie , Jan 16 2023 03:21
webapi permission problem

  • Bitte melden Sie sich an, um eine Antwort zu verfassen.
3 Antworten zu diesem Thema

#1 Fred Jie

Fred Jie

    Newbie

  • Members
  • Punkt
  • 8 Beiträge

Geschrieben: 16 January 2023 - 15:21

Hello!

 

I am developing an application with Smartstore version 5.0.2. For this, I need to use WebAPI. I'm linking with the codes below, but it's telling me to get permission for categories.
 
When I look at the membership permissions, there are permissions. Why is it giving this error?
 
Code: 
 
public IActionResult Index()
        {
            var credentials = Convert.ToBase64String(Encoding.UTF8.GetBytes($"126fe866bac36aaf17fbe229ff91e7b63:fe2a194fb273c19cad7771397c1b3111a"));
            using var message = new HttpRequestMessage(new HttpMethod("GET"), "http://localhost:5000/odata/v1/customers");
            
            var httpClient = new HttpClient();
            var contentType = new MediaTypeWithQualityHeaderValue("application/json");
            string postUrl = "http://localhost:5000/odata/v1/categories";

            httpClient.DefaultRequestHeaders.Accept.Add(contentType);
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", credentials);

            var request = httpClient.GetAsync(postUrl).Result;
            var response = request.Content.ReadAsStringAsync().Result;

            dynamic stuff = JObject.Parse(response);
            return View();
        }

User Permission

Image: https://prnt.sc/RsFpY8t3AYO9

 
Is there an error in my code?
 
Thanks.

#2 Marcus Gesing

Marcus Gesing

    SmartStore AG

  • Administrators
  • 3831 Beiträge

Geschrieben: 17 January 2023 - 00:18

The permission check refers to the user with the credentials you are using. From your info it's not clear what customer role your screenshot shows permission for and whether the user with the credentials accesing the API has this customer role assigned.


Marcus Gesing

Smartstore AG

#3 Fred Jie

Fred Jie

    Newbie

  • Members
  • Punkt
  • 8 Beiträge

Geschrieben: 19 January 2023 - 15:58

Hello,

 

Sorry, I'm sending you a more detailed image.

 

User Permission

Image: https://prnt.sc/FCLbEGDbatvV

 

Api Module

Image: https://prnt.sc/DBl5cV72HNxc

 

Code:

public IActionResult Index()
        {
            var credentials = Convert.ToBase64String(Encoding.UTF8.GetBytes($"1cf8c069f8a6645113214ea5eabbedbd:59b3c8796b630edf833e7146673554bd"));
            using var message = new HttpRequestMessage(new HttpMethod("GET"), "http://localhost:5000/odata/v1/customers");
            
            var httpClient = new HttpClient();
            var contentType = new MediaTypeWithQualityHeaderValue("application/json");
            string postUrl = "http://localhost:5000/odata/v1/categories";

            httpClient.DefaultRequestHeaders.Accept.Add(contentType);
            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", credentials);

            var request = httpClient.GetAsync(postUrl).Result;
            var response = request.Content.ReadAsStringAsync().Result;

            dynamic stuff = JObject.Parse(response);
            return View();
        }

Is there an error in my code.. Can you review it this way? 

We are getting an error as in the picture below.

 

https://prnt.sc/sMf48FmWquoG

 

We look forward to your help.
Thanks..


Bearbeitet von Fred Jie, 19 January 2023 - 16:01,

#4 Marcus Gesing

Marcus Gesing

    SmartStore AG

  • Administrators
  • 3831 Beiträge

Geschrieben: 20 January 2023 - 10:26

I cannot reproduce this. Your code is fine. It is not the cause of the error. (PS: "message" is not used anywhere and the async methods should be called with "await"). The authentication is successful. What fails is the subsequent permission check for categories reading. Has the user with ID 41 assigned the customer group "Api User"? Can you provide a link to download the database? Then I would debug it.

Marcus Gesing

Smartstore AG

Zurück zu General Smartstore

Auch markiert mit einem oder mehrerer dieser Schlüsselwörter: webapi, permission problem

  1. Smartstore Community
  2. Smartstore (English)
  3. General Smartstore
  4. Datenschutzerklärung
  5. Smartstore - Forum - Blogs - Marketplace (SCM) AGB ·